Lucene search
K

18 matches found

RedhatCVE
RedhatCVE
added 2026/01/09 9:50 a.m.8 views

CVE-2020-24029

Because of unauthenticated password changes in ForLogic Qualiex v1 and v3, customer and admin permissions and data can be accessed via a simple request. NOTE: as of 2025-10-14, the Supplier's perspective is that this is "corrected in all maintained versions. Password reset requests are validated...

9.8CVSS9.2AI score0.01974EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2020-16764

Malware in sbrugna...

8.8CVSS8.6AI score0.02278EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2020-16765

Malware in sbrugna...

9.8CVSS9.2AI score0.01974EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/05/22 3:53 p.m.6 views

CVE-2020-24028

ForLogic Qualiex v1 and v3 allows any authenticated customer to achieve privilege escalation via user creations, password changes, or user permission updates. NOTE: as of 2025-10-14, the Supplier's perspective is that this "does not allow administrative privilege gain. Authorization is enforced...

8.8CVSS8.7AI score0.02278EPSS
Exploits0References1
OSV
OSV
added 2020/09/02 5:15 p.m.2 views

CVE-2020-24028

ForLogic Qualiex v1 and v3 allows any authenticated customer to achieve privilege escalation via user creations, password changes, or user permission updates. NOTE: as of 2025-10-14, the Supplier's perspective is that this "does not allow administrative privilege gain. Authorization is enforced...

8.8CVSS7.3AI score0.02278EPSS
Exploits0References3
NVD
NVD
added 2020/09/02 5:15 p.m.17 views

CVE-2020-24028

ForLogic Qualiex v1 and v3 allows any authenticated customer to achieve privilege escalation via user creations, password changes, or user permission updates. NOTE: as of 2025-10-14, the Supplier's perspective is that this "does not allow administrative privilege gain. Authorization is enforced...

8.8CVSS8.9AI score0.02278EPSS
Exploits0References3
NVD
NVD
added 2020/09/02 5:15 p.m.11 views

CVE-2020-24029

Because of unauthenticated password changes in ForLogic Qualiex v1 and v3, customer and admin permissions and data can be accessed via a simple request. NOTE: as of 2025-10-14, the Supplier's perspective is that this is "corrected in all maintained versions. Password reset requests are validated...

9.8CVSS9.6AI score0.01974EPSS
Exploits0References2
NVD
NVD
added 2020/09/02 5:15 p.m.18 views

CVE-2020-24030

ForLogic Qualiex v1 and v3 has weak token expiration. This allows remote unauthenticated privilege escalation and access to sensitive data via token reuse. NOTE: as of 2025-10-14, the Supplier's perspective is that this is "not exploitable in the current implementation. Tokens are properly expire...

9.8CVSS9.7AI score0.02667EPSS
Exploits0References2
OSV
OSV
added 2020/09/02 5:15 p.m.3 views

CVE-2020-24030

ForLogic Qualiex v1 and v3 has weak token expiration. This allows remote unauthenticated privilege escalation and access to sensitive data via token reuse. NOTE: as of 2025-10-14, the Supplier's perspective is that this is "not exploitable in the current implementation. Tokens are properly expire...

9.8CVSS7.3AI score0.02667EPSS
Exploits0References2
Prion
Prion
added 2020/09/02 5:15 p.m.14 views

Default credentials

ForLogic Qualiex v1 and v3 allows any authenticated customer to achieve privilege escalation via user creations, password changes, or user permission updates...

6.5CVSS8.8AI score0.02278EPSS
Exploits0References3Affected Software1
Prion
Prion
added 2020/09/02 5:15 p.m.12 views

Cross site request forgery (csrf)

Because of unauthenticated password changes in ForLogic Qualiex v1 and v3, customer and admin permissions and data can be accessed via a simple request...

7.5CVSS9.4AI score0.01974EPSS
Exploits0References2Affected Software1
Prion
Prion
added 2020/09/02 5:15 p.m.12 views

Privilege escalation

ForLogic Qualiex v1 and v3 has weak token expiration. This allows remote unauthenticated privilege escalation and access to sensitive data via token reuse...

7.5CVSS9.6AI score0.02667EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2020/09/02 4:14 p.m.22 views

CVE-2020-24028

ForLogic Qualiex v1 and v3 allows any authenticated customer to achieve privilege escalation via user creations, password changes, or user permission updates. NOTE: as of 2025-10-14, the Supplier's perspective is that this "does not allow administrative privilege gain. Authorization is enforced...

8.9AI score0.02278EPSS
Exploits0References3
CVE
CVE
added 2020/09/02 4:14 p.m.42 views

CVE-2020-24028

The CVE-2020-24028 entry concerns ForLogic Qualiex v1 and v3. It states that an authenticated customer can achieve privilege escalation via actions such as creating users, changing passwords, or updating user permissions, within the user’s own permission scope. The supplier‑provided note (as of 2...

8.8CVSS8.6AI score0.02278EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2020/09/02 4:9 p.m.13 views

CVE-2020-24029

Because of unauthenticated password changes in ForLogic Qualiex v1 and v3, customer and admin permissions and data can be accessed via a simple request. NOTE: as of 2025-10-14, the Supplier's perspective is that this is "corrected in all maintained versions. Password reset requests are validated...

9.6AI score0.01974EPSS
Exploits0References2
CVE
CVE
added 2020/09/02 4:9 p.m.37 views

CVE-2020-24029

CVE-2020-24029 affects ForLogic Qualiex v1 and v3, where unauthenticated password changes could expose customer/admin permissions and data via a simple request. The root cause is unauthenticated password changes; as of 2025-10-14, the supplier indicates this is corrected in all maintained version...

9.8CVSS9.1AI score0.01974EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2020/09/02 4:8 p.m.37 views

CVE-2020-24030

CVE-2020-24030 affects ForLogic Qualiex v1 and v3, where weak token expiration allows remote unauthenticated privilege escalation and access to sensitive data via token reuse. Across connected sources, the issue is tied to token handling rather than a traditional flaw in application logic. The Re...

9.8CVSS9.3AI score0.02667EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2020/09/02 4:8 p.m.22 views

CVE-2020-24030

ForLogic Qualiex v1 and v3 has weak token expiration. This allows remote unauthenticated privilege escalation and access to sensitive data via token reuse. NOTE: as of 2025-10-14, the Supplier's perspective is that this is "not exploitable in the current implementation. Tokens are properly expire...

9.7AI score0.02667EPSS
Exploits0References2
Rows per page
Query Builder